Hey stupid! Don't just throw that out - Corporate disposal policies keep your organization out of the headlines

It’s hard to believe that, with the multitude of federal, state and local laws, as well as industry regulations, financial institutions would simply throw out files and equipment with no regard for the private information undoubtedly contained therein. We examine the background, best practices, educational techniques and corporate policies that keep corporations out of the headlines and away from government [...]


Information privacy Way Back when?

Have you ever visited archive.org or used their Way Back Machine? It’s a catalog of the Internet, and in my opinion one of the most ambitious projects undertaken. The privacy and persistence of the Internet, as evidenced by the Way Back Machine, will have long-term effects on the way legislation and the judicial system treat [...]


Password hacking with chocolate: Are women more susceptible to social engineering?

The Mitnick attack. The 10 attack. Social Engineering. Each of these emphasizes how readily people part with valuable information to someone posing as an IT staffer, a very attractive member of the opposite sex, or someone friendly. You may now add candy bars and women…

No matter how you slice it, the weakest point in any security program ends up being the end user. User training seems to work when the message is frequent, but without hearing the importance of security, it seems quickly forgotten.

That is, of course, unless the message starts at the top with a strong corporate policy, well understood [...]


Progress report: CIPP

The International Association of Privacy Professionals packed as much data into as small a package as possible. The CIPP book part (less the citations & glossary) is 250 pages. I don’t know if I’ve ever read a book with quite the information density (the phone book maybe).
I have the shell of the CIPP Guide site operational. You may find it at cippguide.org. The test engine does require registration, and is a little thin. This will change (rapidly) as I progress through test preparations.

“Relying on the government to protect your privacy is like asking a [...]


Protect America Act

The Protect America Act (PAA). Another perfect example of how government regulations and piecemeal privacy protections affect the American populace. And most of us don’t even know it. People check their credit scores, and deal with the occasional letter from their bank or TJX telling them their personally identifiable information was compromised. Sometimes a newspaper prints an article surrounding the warrant violations, or a case is sensationalized on Law and Order. Until now, the Internet was a safer haven.

One of the things that’s come up during my CIPP preparation is the European Union’s approach to personal privacy (European Data Protection [...]